Lucene search

[email protected]NVD:CVE-2008-4810

HistoryOct 31, 2008 - 6:09 p.m.

CVE-2008-4810

2008-10-3118:09:08

CWE-94

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka “php executed in templates;” and (2) a double quoted literal string, aka a “function injection security hole.” NOTE: each vector affects slightly different SVN revisions.

Affected configurations

NVD

Node

smartysmartyMatch1.0

smartysmartyMatch1.0a

smartysmartyMatch1.0b

smartysmartyMatch1.1.0

smartysmartyMatch1.2.0

smartysmartyMatch1.2.1

smartysmartyMatch1.2.2

smartysmartyMatch1.3.0

smartysmartyMatch1.3.1

smartysmartyMatch1.3.2

smartysmartyMatch1.4.0

smartysmartyMatch1.4.0b1

smartysmartyMatch1.4.0b2

smartysmartyMatch1.4.1

smartysmartyMatch1.4.2

smartysmartyMatch1.4.3

smartysmartyMatch1.4.4

smartysmartyMatch1.4.5

smartysmartyMatch1.4.6

smartysmartyMatch1.5.0

smartysmartyMatch1.5.1

smartysmartyMatch1.5.2

smartysmartyMatch2.0.0

smartysmartyMatch2.0.1

smartysmartyMatch2.1.0

smartysmartyMatch2.1.1

smartysmartyMatch2.2.0

smartysmartyMatch2.3.0

smartysmartyMatch2.3.1

smartysmartyMatch2.4.0

smartysmartyMatch2.4.1

smartysmartyMatch2.4.2

smartysmartyMatch2.5.0

smartysmartyMatch2.5.0rc1

smartysmartyMatch2.5.0rc2

smartysmartyMatch2.6.0

smartysmartyMatch2.6.0rc1

smartysmartyMatch2.6.0rc2

smartysmartyMatch2.6.0rc3

smartysmartyMatch2.6.1

smartysmartyMatch2.6.2

smartysmartyMatch2.6.3

smartysmartyMatch2.6.4

smartysmartyMatch2.6.5

smartysmartyMatch2.6.6

smartysmartyMatch2.6.7

smartysmartyMatch2.6.9

smartysmartyMatch2.6.10

smartysmartyMatch2.6.11

smartysmartyMatch2.6.12

smartysmartyMatch2.6.13

smartysmartyMatch2.6.14

smartysmartyMatch2.6.15

smartysmartyMatch2.6.16

smartysmartyMatch2.6.17

smartysmartyMatch2.6.18

References

code.google.com/p/smarty-php/source/detail?r=2784&path=/trunk/libs/Smarty_Compiler.class.php

code.google.com/p/smarty-php/source/detail?r=2797&path=/trunk/libs/Smarty_Compiler.class.php

secunia.com/advisories/32329

securityvulns.ru/Udocument746.html

smarty-php.googlecode.com/svn/trunk/NEWS

www.debian.org/security/2008/dsa-1691

www.openwall.com/lists/oss-security/2008/10/25/2

www.securityfocus.com/bid/31862

bugs.gentoo.org/attachment.cgi?id=169804&action=view

exchange.xforce.ibmcloud.com/vulnerabilities/46031

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for NVD:CVE-2008-4810

ubuntucve1 prion1 redhatcve1 nessus5 openvas17 cve1 cvelist1 altlinux2 debian3 osv2 gentoo1 ubuntu1